package com.yahoo.vespa.hosted.node.admin.task.util.fs;

import com.yahoo.vespa.hosted.node.admin.nodeagent.UserScope;
import com.yahoo.vespa.hosted.node.admin.task.util.file.UnixUser;
import com.yahoo.vespa.hosted.node.admin.task.util.fs.ContainerAttributeViews;
import com.yahoo.vespa.hosted.node.admin.task.util.fs.ContainerUserPrincipalLookupService;
import com.yahoo.yolean.Exceptions;
import java.io.IOException;
import java.net.URI;
import java.nio.channels.SeekableByteChannel;
import java.nio.file.AccessMode;
import java.nio.file.CopyOption;
import java.nio.file.DirectoryStream;
import java.nio.file.FileStore;
import java.nio.file.FileSystem;
import java.nio.file.FileSystemAlreadyExistsException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.ProviderMismatchException;
import java.nio.file.SecureDirectoryStream;
import java.nio.file.attribute.BasicFileAttributeView;
import java.nio.file.attribute.BasicFileAttributes;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.FileAttributeView;
import java.nio.file.attribute.GroupPrincipal;
import java.nio.file.attribute.PosixFileAttributeView;
import java.nio.file.attribute.PosixFileAttributes;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.nio.file.attribute.UserPrincipal;
import java.nio.file.spi.FileSystemProvider;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/yahoo/vespa/hosted/node/admin/task/util/fs/ContainerFileSystemProvider.class */
public class ContainerFileSystemProvider extends FileSystemProvider {
    private static final FileAttribute<?> DEFAULT_FILE_PERMISSIONS = PosixFilePermissions.asFileAttribute(Set.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.GROUP_READ));
    private static final FileAttribute<?> DEFAULT_DIRECTORY_PERMISSIONS = PosixFilePermissions.asFileAttribute(Set.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE, PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_EXECUTE));
    private final ContainerFileSystem containerFs;
    private final ContainerUserPrincipalLookupService userPrincipalLookupService;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/yahoo/vespa/hosted/node/admin/task/util/fs/ContainerFileSystemProvider$ContainerDirectoryStream.class */
    public class ContainerDirectoryStream implements DirectoryStream<Path> {
        private final DirectoryStream<Path> hostDirectoryStream;
        private final UnixUser user;

        private ContainerDirectoryStream(DirectoryStream<Path> directoryStream, UnixUser unixUser) {
            this.hostDirectoryStream = directoryStream;
            this.user = unixUser;
        }

        @Override // java.nio.file.DirectoryStream, java.lang.Iterable
        public Iterator<Path> iterator() {
            final Iterator<Path> it = this.hostDirectoryStream.iterator();
            return new Iterator<Path>() { // from class: com.yahoo.vespa.hosted.node.admin.task.util.fs.ContainerFileSystemProvider.ContainerDirectoryStream.1
                @Override // java.util.Iterator
                public boolean hasNext() {
                    return it.hasNext();
                }

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.Iterator
                public Path next() {
                    return ContainerPath.fromPathOnHost(ContainerFileSystemProvider.this.containerFs, (Path) it.next(), ContainerDirectoryStream.this.user);
                }
            };
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            this.hostDirectoryStream.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ContainerFileSystemProvider(Path path, UserScope userScope) {
        this.containerFs = new ContainerFileSystem(this, path);
        this.userPrincipalLookupService = new ContainerUserPrincipalLookupService(path.getFileSystem().getUserPrincipalLookupService(), userScope);
    }

    public ContainerUserPrincipalLookupService userPrincipalLookupService() {
        return this.userPrincipalLookupService;
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public String getScheme() {
        return "file";
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public FileSystem newFileSystem(URI uri, Map<String, ?> map) {
        throw new FileSystemAlreadyExistsException();
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public ContainerFileSystem getFileSystem(URI uri) {
        return this.containerFs;
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public Path getPath(URI uri) {
        throw new UnsupportedOperationException();
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public SeekableByteChannel newByteChannel(Path path, Set<? extends OpenOption> set, FileAttribute<?>... fileAttributeArr) throws IOException {
        Path pathOnHost = pathOnHost(path);
        SecureDirectoryStream<Path> leafDirectoryStream = leafDirectoryStream(pathOnHost);
        try {
            boolean exists = Files.exists(pathOnHost, new LinkOption[0]);
            SeekableByteChannel newByteChannel = leafDirectoryStream.newByteChannel(pathOnHost.getFileName(), addNoFollow(set), addPermissions(DEFAULT_FILE_PERMISSIONS, fileAttributeArr));
            if (!exists) {
                fixOwnerToContainerRoot(toContainerPath(path));
            }
            if (leafDirectoryStream != null) {
                leafDirectoryStream.close();
            }
            return newByteChannel;
        } catch (Throwable th) {
            if (leafDirectoryStream != null) {
                try {
                    leafDirectoryStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public DirectoryStream<Path> newDirectoryStream(Path path, DirectoryStream.Filter<? super Path> filter) throws IOException {
        Path pathOnHost = pathOnHost(path);
        return new ContainerDirectoryStream(provider(pathOnHost).newDirectoryStream(pathOnHost, filter), toContainerPath(path).user());
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public void createDirectory(Path path, FileAttribute<?>... fileAttributeArr) throws IOException {
        Path pathOnHost = pathOnHost(path);
        boolean exists = Files.exists(pathOnHost, new LinkOption[0]);
        provider(pathOnHost).createDirectory(pathOnHost, addPermissions(DEFAULT_DIRECTORY_PERMISSIONS, fileAttributeArr));
        if (exists) {
            return;
        }
        fixOwnerToContainerRoot(toContainerPath(path));
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public void delete(Path path) throws IOException {
        Path pathOnHost = pathOnHost(path);
        provider(pathOnHost).delete(pathOnHost);
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public void copy(Path path, Path path2, CopyOption... copyOptionArr) throws IOException {
        Path pathOnHost = pathOnHost(path2);
        provider(pathOnHost).copy(pathOnHost(path), pathOnHost, addNoFollow(copyOptionArr));
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public void move(Path path, Path path2, CopyOption... copyOptionArr) throws IOException {
        Path pathOnHost = pathOnHost(path2);
        provider(pathOnHost).move(pathOnHost(path), pathOnHost, addNoFollow(copyOptionArr));
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public void createSymbolicLink(Path path, Path path2, FileAttribute<?>... fileAttributeArr) throws IOException {
        Path pathOnHost = pathOnHost(path);
        boolean exists = Files.exists(pathOnHost, LinkOption.NOFOLLOW_LINKS);
        if (path2 instanceof ContainerPath) {
            path2 = pathOnHost.getFileSystem().getPath(toContainerPath(path2).pathInContainer(), new String[0]);
        }
        provider(pathOnHost).createSymbolicLink(pathOnHost, path2, fileAttributeArr);
        if (exists) {
            return;
        }
        fixOwnerToContainerRoot(toContainerPath(path));
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public Path readSymbolicLink(Path path) throws IOException {
        Path pathOnHost = pathOnHost(path);
        return provider(pathOnHost).readSymbolicLink(pathOnHost);
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public boolean isSameFile(Path path, Path path2) throws IOException {
        if (path2 instanceof ContainerPath) {
            path2 = pathOnHost(path2);
        }
        Path pathOnHost = pathOnHost(path);
        return provider(pathOnHost).isSameFile(pathOnHost, path2);
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public boolean isHidden(Path path) throws IOException {
        Path pathOnHost = pathOnHost(path);
        return provider(pathOnHost).isHidden(pathOnHost);
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public FileStore getFileStore(Path path) {
        throw new UnsupportedOperationException();
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public void checkAccess(Path path, AccessMode... accessModeArr) throws IOException {
        Path pathOnHost = pathOnHost(path);
        provider(pathOnHost).checkAccess(pathOnHost, accessModeArr);
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public <V extends FileAttributeView> V getFileAttributeView(Path path, Class<V> cls, LinkOption... linkOptionArr) {
        if (!cls.isAssignableFrom(PosixFileAttributeView.class)) {
            return null;
        }
        Path pathOnHost = pathOnHost(path);
        FileSystemProvider provider = pathOnHost.getFileSystem().provider();
        return cls == BasicFileAttributeView.class ? (V) provider.getFileAttributeView(pathOnHost, cls, addNoFollow(linkOptionArr)) : new ContainerAttributeViews.ContainerPosixFileAttributeView((PosixFileAttributeView) provider.getFileAttributeView(pathOnHost, PosixFileAttributeView.class, addNoFollow(linkOptionArr)), (ContainerAttributeViews.ContainerPosixFileAttributes) Exceptions.uncheck(() -> {
            return new ContainerAttributeViews.ContainerPosixFileAttributes(readAttributes(path, "unix:*", addNoFollow(linkOptionArr)));
        }));
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public <A extends BasicFileAttributes> A readAttributes(Path path, Class<A> cls, LinkOption... linkOptionArr) throws IOException {
        if (!cls.isAssignableFrom(PosixFileAttributes.class)) {
            throw new UnsupportedOperationException();
        }
        Path pathOnHost = pathOnHost(path);
        return cls == BasicFileAttributes.class ? (A) pathOnHost.getFileSystem().provider().readAttributes(pathOnHost, cls, addNoFollow(linkOptionArr)) : new ContainerAttributeViews.ContainerPosixFileAttributes(readAttributes(path, "unix:*", addNoFollow(linkOptionArr)));
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public Map<String, Object> readAttributes(Path path, String str, LinkOption... linkOptionArr) throws IOException {
        Path pathOnHost = pathOnHost(path);
        if (str.indexOf(58) < 0 || str.startsWith("basic:")) {
            return provider(pathOnHost).readAttributes(pathOnHost, str, addNoFollow(linkOptionArr));
        }
        HashMap hashMap = new HashMap(provider(pathOnHost).readAttributes(pathOnHost, "unix:*", addNoFollow(linkOptionArr)));
        int userIdInContainer = this.userPrincipalLookupService.userIdInContainer(((Integer) hashMap.get("uid")).intValue());
        int groupIdInContainer = this.userPrincipalLookupService.groupIdInContainer(((Integer) hashMap.get("gid")).intValue());
        hashMap.put("uid", Integer.valueOf(userIdInContainer));
        hashMap.put("gid", Integer.valueOf(groupIdInContainer));
        hashMap.put("owner", this.userPrincipalLookupService.userPrincipal(userIdInContainer, (UserPrincipal) hashMap.get("owner")));
        hashMap.put("group", this.userPrincipalLookupService.groupPrincipal(groupIdInContainer, (GroupPrincipal) hashMap.get("group")));
        return hashMap;
    }

    @Override // java.nio.file.spi.FileSystemProvider
    public void setAttribute(Path path, String str, Object obj, LinkOption... linkOptionArr) throws IOException {
        Path pathOnHost = pathOnHost(path);
        provider(pathOnHost).setAttribute(pathOnHost, str, fixAttributeValue(str, obj), addNoFollow(linkOptionArr));
    }

    private Object fixAttributeValue(String str, Object obj) {
        int indexOf = str.indexOf(58);
        if (indexOf > 0) {
            String substring = str.substring(indexOf + 1);
            boolean z = -1;
            switch (substring.hashCode()) {
                case 102338:
                    if (substring.equals("gid")) {
                        z = 3;
                        break;
                    }
                    break;
                case 115792:
                    if (substring.equals("uid")) {
                        z = 2;
                        break;
                    }
                    break;
                case 98629247:
                    if (substring.equals("group")) {
                        z = true;
                        break;
                    }
                    break;
                case 106164915:
                    if (substring.equals("owner")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return ((ContainerUserPrincipalLookupService.ContainerUserPrincipal) cast(obj, ContainerUserPrincipalLookupService.ContainerUserPrincipal.class)).baseFsPrincipal();
                case true:
                    return ((ContainerUserPrincipalLookupService.ContainerGroupPrincipal) cast(obj, ContainerUserPrincipalLookupService.ContainerGroupPrincipal.class)).baseFsPrincipal();
                case true:
                    return Integer.valueOf(this.userPrincipalLookupService.userIdOnHost(((Integer) cast(obj, Integer.class)).intValue()));
                case true:
                    return Integer.valueOf(this.userPrincipalLookupService.groupIdOnHost(((Integer) cast(obj, Integer.class)).intValue()));
            }
        }
        return obj;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void createFileSystemRoot() {
        ContainerPath path = this.containerFs.getPath("/", new String[0]);
        if (Files.exists(path, new LinkOption[0])) {
            return;
        }
        Exceptions.uncheck(() -> {
            Files.createDirectories(path.pathOnHost(), new FileAttribute[0]);
            fixOwnerToContainerRoot(path);
        });
    }

    private void fixOwnerToContainerRoot(ContainerPath containerPath) throws IOException {
        setAttribute(containerPath, "unix:uid", Integer.valueOf(containerPath.user().uid()), LinkOption.NOFOLLOW_LINKS);
        setAttribute(containerPath, "unix:gid", Integer.valueOf(containerPath.user().gid()), LinkOption.NOFOLLOW_LINKS);
    }

    private SecureDirectoryStream<Path> leafDirectoryStream(Path path) throws IOException {
        Path containerRootOnHost = this.containerFs.containerRootOnHost();
        SecureDirectoryStream<Path> secureDirectoryStream = (SecureDirectoryStream) Files.newDirectoryStream(containerRootOnHost);
        for (int nameCount = containerRootOnHost.getNameCount(); nameCount < path.getNameCount() - 1; nameCount++) {
            SecureDirectoryStream<Path> newDirectoryStream = secureDirectoryStream.newDirectoryStream(path.getName(nameCount), LinkOption.NOFOLLOW_LINKS);
            secureDirectoryStream.close();
            secureDirectoryStream = newDirectoryStream;
        }
        return secureDirectoryStream;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ContainerPath toContainerPath(Path path) {
        return (ContainerPath) cast(path, ContainerPath.class);
    }

    private static <T> T cast(Object obj, Class<T> cls) {
        if (cls.isInstance(obj)) {
            return cls.cast(obj);
        }
        throw new ProviderMismatchException("Expected " + cls.getSimpleName() + ", was " + obj.getClass().getName());
    }

    private static Path pathOnHost(Path path) {
        return toContainerPath(path).pathOnHost();
    }

    private static FileSystemProvider provider(Path path) {
        return path.getFileSystem().provider();
    }

    private static Set<? extends OpenOption> addNoFollow(Set<? extends OpenOption> set) {
        if (set.contains(LinkOption.NOFOLLOW_LINKS)) {
            return set;
        }
        HashSet hashSet = new HashSet(set);
        hashSet.add(LinkOption.NOFOLLOW_LINKS);
        return hashSet;
    }

    private static LinkOption[] addNoFollow(LinkOption... linkOptionArr) {
        if (Set.of((Object[]) linkOptionArr).contains(LinkOption.NOFOLLOW_LINKS)) {
            return linkOptionArr;
        }
        LinkOption[] linkOptionArr2 = new LinkOption[linkOptionArr.length + 1];
        System.arraycopy(linkOptionArr, 0, linkOptionArr2, 0, linkOptionArr.length);
        linkOptionArr2[linkOptionArr.length] = LinkOption.NOFOLLOW_LINKS;
        return linkOptionArr2;
    }

    private static CopyOption[] addNoFollow(CopyOption... copyOptionArr) {
        if (Set.of((Object[]) copyOptionArr).contains(LinkOption.NOFOLLOW_LINKS)) {
            return copyOptionArr;
        }
        CopyOption[] copyOptionArr2 = new CopyOption[copyOptionArr.length + 1];
        System.arraycopy(copyOptionArr, 0, copyOptionArr2, 0, copyOptionArr.length);
        copyOptionArr2[copyOptionArr.length] = LinkOption.NOFOLLOW_LINKS;
        return copyOptionArr2;
    }

    private static FileAttribute<?>[] addPermissions(FileAttribute<?> fileAttribute, FileAttribute<?>... fileAttributeArr) {
        for (FileAttribute<?> fileAttribute2 : fileAttributeArr) {
            if (fileAttribute2.name().equals("posix:permissions") || fileAttribute2.name().equals("unix:permissions")) {
                return fileAttributeArr;
            }
        }
        FileAttribute<?>[] fileAttributeArr2 = new FileAttribute[fileAttributeArr.length + 1];
        System.arraycopy(fileAttributeArr, 0, fileAttributeArr2, 0, fileAttributeArr.length);
        fileAttributeArr2[fileAttributeArr.length] = fileAttribute;
        return fileAttributeArr2;
    }
}
